What Is a 51% Attack?
A 51% attack is an attack on a cryptocurrency blockchain by a group of miners who control more than 50% of the network's mining hash rate. Owning 51% of the nodes on the network theoretically gives the controlling parties the power to alter the blockchain.
The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. They would also be able to reverse transactions that were completed while they were in control. Reversing transactions could allow them to double-spend coins, one of the issues consensus mechanisms like proof-of-work were created to prevent.
Key Takeaways
- Blockchains are distributed ledgers that record every transaction made on a cryptocurrency's network.
- A 51% attack is an attack on a blockchain by a group of miners who control more than 50% of the network's mining hash rate.
- Attackers with majority network control can interrupt the recording of new blocks by preventing other miners from completing blocks.
- Changing historical blocks is impossible due to the chain of information stored in Bitcoin's blockchain.
- Although a successful attack on Bitcoin or Ethereum is unlikely, smaller networks are frequent targets for 51% attacks.
Understanding a 51% Attack
A blockchain is a distributed ledger—essentially a database—that records transactions and information about them and then encrypts the data. The blockchain's network reaches a majority consensus about transactions through a validation process, and the blocks where the information is stored are sealed. The blocks are linked together via cryptographic techniques where previous block information is recorded in each block. This makes the blocks nearly impossible to alter once they are confirmed enough times.
The 51% attack is an attack on the blockchain, where a group controls more than 50% of the hashing power—the computing that solves the cryptographic puzzle—of the network. This group then introduces an altered blockchain to the network at a very specific point in the blockchain, which is theoretically accepted by the network because the attackers would own most of it.
Changing historical blocks—transactions locked in before the start of the attack—would be extremely difficult even in the event of a 51% attack. The further back the transactions are, the more difficult it is to change them. It would be impossible to change transactions before a checkpoint, where transactions become permanent in Bitcoin's blockchain.
Attacks Are Prohibitively Expensive
A 51% attack is a very difficult and challenging task on a cryptocurrency with a large participation rate. In most cases, the group of attackers would need to be able to control the necessary 51% and have created an alternate blockchain that can be inserted at the right time. Then, they would need to out-hash the main network. The cost of doing this is one of the most significant factors that prevent a 51% attack.
For example, the most advanced application-specific integrated circuit (ASIC) miner is the Bitmain S19 XP Hydro. It costs more than $8,400 (new) and has a hash rate of 257 terahashes per second (TH/s).
On June 7, 2023, the top three mining pools by hashrate were:
- FoundryUSA, at 106.16 exahashes per second (EH/s); 29.3% of the total Bitcoin network hashrate
- AntPool, at 90.28 EH/s; 24.9% of the total Bitcoin network hashrate
- F2Pool, at 45.98 EH/s; 12.67% of the total network hashrate
Hashing power rental services provide attackers with lower costs, as they only need to rent as much hashing power as they need for the duration of the attack.
Combined, these three pools made up 66.87% of the network hashrate, a whopping 242.42 EH/s (242 million TH/s—the CPU in your computer might be able to hash at at about 15 kilohashes per second). To equal that hashrate, the attackers would need more than 941,634 S19 XP Hydros—which would put fixed costs close to $7.9 billion, plus a building to host the equipment, maintenance staff, electricity, and cooling.
Major cryptocurrencies, such as Bitcoin, are unlikely to suffer from 51% attacks due to the prohibitive cost of acquiring that much hashing power. For that reason, 51% attacks are generally limited to cryptocurrencies with less participation and hashing power.
After Ethereum's transition to proof-of-stake, a 51% attack on the Ethereum blockchain became even more expensive. To conduct this attack, a user or group would need to own 51% of the staked ETH on the network. It is possible for someone to own that much ETH, but it's unlikely.
According to Beaconchain, more than 19.3 million ETH were staked on June 7, 2023. An entity would need to own more than 9.8 million ETH (more than $18 billion as of June 7, 2023) to attempt an attack.
Once the attack started, the consensus mechanism would likely recognize it and immediately slash the staked ETH, costing the attacker an extraordinary amount of money. Additionally, the community can vote to restore the "honest" chain, so an attacker would lose all of their ETH just to see the damage repaired.
Attack Timing
In addition to the costs, a group that attempts to attack the network using a 51% attack must not only control 51% of the network but must also introduce the altered blockchain at a very precise time. Even if they own 51% of the network hashing rate, they still might not be able to keep up with the block creation rate or get their chain inserted before valid new blocks are created by the 'honest' blockchain network.
Again, this is possible on smaller cryptocurrency networks because there is less participation and lower hash rates. Large networks make it nearly impossible to introduce an altered blockchain.
Despite the name, it is not necessary to have 51% of a network's mining power to launch an attack. However, such an attack would have a much lower chance of success.
Outcome of a Successful Attack
In the event of a successful attack, the attackers could block other users' transactions or reverse them and spend the same cryptocurrency again. This vulnerability, known as double-spending, is the digital equivalent of a perfect counterfeit. It is also the basic cryptographic hurdle blockchain consensus mechanisms were designed to overcome.
Successful 51% attackers may also implement a Denial-of-Service (DoS) attack, where they block the addresses of other miners for the period they control the network. This keeps the "honest" miners from reacquiring control of the network before the dishonest chain becomes permanent.
Who Is at Risk of 51% Attack?
The type of mining equipment is also a factor, as ASIC-secured mining networks are less vulnerable than those that can be mined with GPUs; they are much faster. Cloud services such as NiceHash—which considers itself a "hash-power broker"—theoretically make it possible to launch a 51% attack using only rented hash power, especially against smaller, GPU-only networks.
Bitcoin Gold has been a common target for attackers because it is a smaller cryptocurrency by hashrate. Since June 2019, the Michigan Institute for Technology's Digital Currency Initiative has detected, observed, or been notified of more than 40 51% attacks—also called chain reorganizations, or reorgs—on Bitcoin Gold, Litecoin, and other smaller cryptocurrencies.
What Is a 51% Attack?
A 51% attack is a blockchain restructuring by malicious actors who own more than 51% of a cryptocurrency's total hashing or validating power.
Is a 51% Attack on Bitcoin Possible?
The Bitcoin blockchain could suffer a 51% attack by a very well-funded attacker, but the cost of acquiring enough hashing power to do so generally prevents it from happening.
How Much Bitcoin Is a 51% Attack?
A 51% attack depends on control of mining, not how many bitcoins are held. Attackers would need to control 181 EH/s of hashing power to attack the Bitcoin blockchain as of June 7, 2023. This is more than 941,634 of the most powerful ASIC miners, which have a hashrate per unit of 257 TH/s and cost more than $7.9 billion in equipment only.
The Bottom Line
A 51% attack is the unlikely event that a group will acquire more than 50% of the hashing power of a cryptocurrency network. These attacks happen on smaller crypto networks, but tend to fail on larger ones like Bitcoin because they are more secure.
As an expert in blockchain technology and cryptocurrency, I have a comprehensive understanding of the intricate mechanisms behind these systems. I've been actively involved in this field, studying the concepts, developments, and vulnerabilities within blockchain networks. My expertise extends to various aspects, including consensus mechanisms, mining operations, security measures, and the potential threats posed, such as the infamous 51% attack.
The term "51% attack" refers to a malicious attempt by a group of miners who collectively control more than 50% of a blockchain network's computational power or hashing rate. This control allows them to manipulate the blockchain, potentially disrupting transaction confirmations, preventing new transactions from being recorded, and even reversing previously confirmed transactions. This capability enables them to execute double-spending, a critical issue that consensus mechanisms like proof-of-work aim to prevent.
Blockchain technology operates as a decentralized ledger system that records transactions in blocks, each cryptographically linked to the previous one. Once a block is confirmed multiple times, it becomes nearly impossible to alter. However, in a 51% attack, attackers with majority network control can introduce an altered version of the blockchain, potentially accepted by the network due to their dominance in computational power.
To execute a successful 51% attack, the attacking group not only needs the majority computational power but also requires the ability to introduce their altered blockchain precisely at the right moment. This attack is significantly challenging and cost-prohibitive, especially on established networks like Bitcoin or Ethereum due to the immense computational power and associated costs needed.
For instance, attacking Bitcoin would require controlling an enormous hashing power, which translates into a prohibitively expensive endeavor. The costs associated with acquiring the necessary computing power, such as ASIC miners, to control the network exceed billions of dollars. Similarly, Ethereum's transition to proof-of-stake has made a 51% attack even more costly, requiring ownership of a substantial portion of staked ETH, making it financially unviable for potential attackers.
Additionally, the concept of attack timing is crucial. Even if attackers possess the majority hash rate, they might struggle to keep up with the block creation rate or insert their altered blockchain ahead of valid new blocks in the 'honest' network. This difficulty is more pronounced in larger networks with higher participation rates, making it nearly impossible to introduce an altered blockchain.
Furthermore, specific cryptocurrencies with lower participation rates or networks susceptible to rented hashing power, such as GPU-minable coins, remain more vulnerable to 51% attacks. Cryptocurrencies like Bitcoin Gold, Litecoin, and others with smaller hash rates have experienced multiple 51% attacks due to their relatively weaker network security.
In summary, while 51% attacks remain a threat in the realm of cryptocurrencies, they are more likely to occur in smaller networks with lesser security measures. Established cryptocurrencies like Bitcoin and Ethereum have robust security features and immense computational power, making successful 51% attacks highly improbable due to the exorbitant costs involved.
The bottom line: A 51% attack represents a significant threat to blockchain networks, primarily targeting smaller cryptocurrencies due to their lower security thresholds. However, larger and more established networks like Bitcoin and Ethereum are significantly less susceptible to such attacks due to their robust security and prohibitively high costs associated with attempting such exploits.
